On my new Reciprocity website, I've added a feature which is a potential security vulnerability. This market resolves to Yes if either of these occur:

• The feature is exploited successfully to lead to a privacy failure.

• I remove this feature because I'm afraid of it being exploited, or because it's too painful for me to monitor it to prevent exploitation. (I'll probably do this only if I believe that the feature is more than 20% likely to lead to a privacy failure.)

By "privacy failure", I mean that any user learns a fact about the checking preferences of any other user that they shouldn't have learned according to the normal rules of the site.

The details will be clearer when the website has been released.